SipDeviceConfiguration

Version 69 (Adrian Georgescu, 05/26/2012 03:43 pm) → Version 70/106 (Adrian Georgescu, 05/26/2012 03:44 pm)

h1. SIP Device Configuration

There are thousands of SIP devices on the market, for how to configure them we advise you to consult the support forum of the device manufacturer.

Please do not open a ticket related to how a particular device must be configured.

Setup your SIP device as follows:

h2. SIP Account Credentials

Account credentials are used for authentication and authorization of SIP requests performed by the SIP device.

Your SIP address is XXX@sip2sip.info replace XXX with the username chosen during the account enrollment.

| Username| XXX|
| Password| YYY|
| Domain/Realm|sip2sip.info|

Register must be turned On in order to receive incoming calls.

If your SIP devices is smart enough, there is no need to set manually anything else than the above settings. If you need to manually fine tune the configuration read below.

[[SipDevices|Specific SIP devices configuration]]

h2. Outbound Proxy

There are multiple SIP servers distributed in multiple geographic locations. To locate them, the SIP device must always perform DNS lookups as defined in SIP standard "RFC3263":http://www.ietf.org/rfc/rfc3263.txt (NAPTR + SRV + A DNS lookups)

You should never set manually an IP address belonging to SIP2SIP server infrastructure into your SIP device as it may change. You must use proper DNS lookups instead of hardwiring these setting into your SIP device.

| Host | Port | Protocol |
| proxy.sipthor.net| 5060| UDP |
| proxy.sipthor.net| 5060| TCP |
| proxy.sipthor.net| 5061| TLS |

h2. TLS Settings

You may use TLS transport, the SIP servers have a valid X.509 certificate issued by "RapidSSL":http://www.rapidssl.com corresponding to the proxy.sipthor.net hostname of the proxy. If the client does not RapidSSL certificate authority loaded, it may fail to validate the certificate. If the client allows it you can download the "RapidSSL root CA":http://www.geotrust.com/resources/root_certificates/certificates/Equifax_Secure_Certificate_Authority.cer into it. Turn TLS certificate validation off to circumvent the problem.

h2. XCAP Root

If you use SIMPLE presence you need to set XCAP root:

| XCAP Root | https://xcap.sipthor.net/xcap-root/|

h2. MSRP Relay

If you use SIMPLE instant messaging based on "MSRP":http://tools.ietf.org/html/rfc4975, a "relay":http://tools.ietf.org/html/rfc4976 is available for helping traverse the NAT. You need to use the relay if you are the receiving party and you are behind a NAT-ed router. The MSRP relays can be found in the DNS by using SRV lookup for _msrps._tcp.sip2sip.info.

h2. STUN Servers

You may use STUN for ICE NAT traversal. The STUN servers can be found in the DNS by using SRV lookup for _stun._udp.sip2sip.info.

h2. NAT Traversal

SIP2SIP infrastructure is smart enough to handle the NAT traversal for both SIP signaling, RTP and MSRP media sessions. Also it supports ICE negotiation in the clients and provides automatically a TURN relay candidate.

Practically, you should not set any NAT traversal features in the client as the chance of fixing things is much smaller than breaking them.

* Do not use STUN for Register purposes
* Do not set your client to discover a global IP address